The Great Unraveling: When Hacks, Valuation Games, and AI Ego Collide
Security is imploding, venture capital is playing musical chairs with AI startups, and nobody's actually building defensible moats. Here's what's about to break.
The tech stack is rotting from the inside out, and we’re all pretending not to notice.
In the last few weeks, we’ve watched critical infrastructure get knocked offline by Iran-linked hackers. Thousands of routers owned by ordinary people got weaponized by Russian military operations. WordPress plugins—the unglamorous glue holding up millions of websites—turned into trojan horses after someone bought them and injected backdoors. Nvidia GPUs, the literal foundation of every AI company’s dreams, discovered they can be completely owned through Rowhammer attacks. And OpenClaw is apparently giving security experts yet another reason to lose sleep.
These aren’t isolated incidents. This is the sound of a system that scaled too fast to defend itself.
Photo by Berna / Pexels
The Backdoor Economy Is Real Now
Let me be direct: the WordPress plugin hack is the canary in the coal mine. Not because it’s the worst attack—it’s not—but because it exposes how supply chains work in the actual economy that runs websites.
Someone bought dozens of popular plugins from their original authors. Plugins that thousands of websites depend on. Then they planted malware. This isn’t sophisticated nation-state stuff. This is capitalism with a knife.
The scariest part? It’s incredibly profitable. You don’t need to break into Fort Knox anymore. You just wait for some developer to get tired, sell their plugin for a few grand, and boom—instant access to thousands of sites. It’s like buying a key to a hundred different apartments instead of picking locks.
I think we’re going to see this model replicated everywhere. Open source maintainers are already exhausted. Small plugin authors are already broke. The economics are screaming for acquisition vultures to move in. And once that happens at scale, the web becomes a lot less like infrastructure and a lot more like a hostage situation.
When Your Routers Become Someone Else’s Weapons
Russia’s military hacking thousands of consumer routers is particularly nasty because it points at something we’ve been avoiding: most of us can’t actually tell if our devices have been compromised.
Your router sits there blinking at you. You reboot it when the WiFi gets weird. You never update the firmware because the process is opaque and takes thirty seconds and might break things. Perfect conditions for someone to turn it into a botnet node without you ever knowing.
This scales differently than the WordPress hack. This is about raw infrastructure. Iran hitting US critical infrastructure sites does something similar—not for money, but for leverage. For the ability to say “we can disrupt your power grid” without actually needing to.
The pattern here is almost quaint: traditional cybersecurity assumed you’d notice when you got hit. You’d see downtime. You’d see money moving. But modern attacks want to live in your systems, invisible, until someone decides to flip the switch. That’s a completely different threat model than the one most organizations are actually defending against.
Photo by UMA media / Pexels
The GPU Gods Have Feet of Sand
Now here’s where my stomach actually tightens: Rowhammer attacks on Nvidia GPUs giving complete control of machines.
Every AI company on Earth is built on the assumption that you can trust your hardware layer. You spin up cloud instances. You run your training jobs. You assume—deeply, foundationally assume—that the hardware underneath is doing what it’s supposed to do.
Rowhammer is a physical bit-flip attack. It’s been around for over a decade. Nvidia apparently didn’t fix it. And now someone can completely own a GPU from software.
This is not a “patch and move on” situation. This breaks the entire trust model. If I’m an AI company—say, one of the megacap labs burning through billions—and my GPUs can be silently compromised, what does that mean? It means my training data could be exfiltrated. It means someone could poison my weights without me knowing. It means my models are potentially compromised at the source.
I genuinely don’t know how this gets fixed without replacing hardware. And I’m not certain anyone at Nvidia has figured it out either.
While All This Burns, VCs Are Playing Monopoly
Meanwhile, in the land of make-believe valuations, we’re watching something genuinely absurd happen.
Fluidstack is in talks for a $1 billion funding round at an $18 billion valuation. This is months after it was valued at $7.5 billion. The reason? It signed a $50 billion deal to build data centers for Anthropic. That’s not a valuation based on revenue or customers. That’s a valuation based on one customer’s theoretical future commitment. It’s a house of cards playing poker.
But here’s the thing that actually matters: Anthropic’s valuation is making investors nervous about OpenAI. One investor backing both told the FT that OpenAI’s recent round only makes sense if you assume an IPO at $1.2 trillion or more. At $380 billion, Anthropic suddenly looks cheap by comparison.
This is venture capital doing what it does when the actual financial metrics stop working: it shifts the goalposts. Instead of “what will this company earn,” it becomes “what narrative can we tell that justifies the number we already wrote down.”
Fluidstack’s valuation could collapse tomorrow if Anthropic’s data center deal changes shape. It won’t. The money will just move somewhere else. That’s the part nobody wants to admit about AI venture capital right now—it’s not about sustainable business models anymore. It’s about musical chairs with very large numbers.
The Government Wants In, But Can’t Be Seen Wanting In
Here’s where it gets weird in a different direction: Anthropic’s Jack Clark confirmed that the company briefed the Trump administration on something called Mythos. This is happening while Anthropic is simultaneously suing the government.
This is very Silicon Valley—maintain adversarial relationships with regulators while feeding them information, funding, and access. It’s not corruption exactly. It’s something weirder. It’s the AI industry and government talking past each other while pretending to be enemies.
Waymo is testing robotaxis in London. If UK government approval follows, that’s the first major Western city to legitimize autonomous vehicles at scale. That’s not a tech story. That’s a political inflection point.
I think what’s happening is that governments are slowly accepting that they can’t actually regulate AI or robotics until there are clear commercial services to point at. So they’re going to approve things, one city at a time, one briefing at a time, and then scramble to make rules after the fact.
What I’m Watching
-
Nvidia’s response to Rowhammer GPU exploits within 60 days. If they release a patch that actually fixes it, that’s one thing. If they release statements about it being “not practically exploitable” or push responsibility to cloud providers, that’s a huge tell that the problem is deeper than they want to admit.
-
Whether Fluidstack’s valuation holds through Q2. If data center startup valuations start compressing when Anthropic’s capex plans clarify, that’s your signal that the venture capital AI bubble is starting to notice its own reflection.
-
The next major supply-chain attack on WordPress, npm, or PyPI. Not if. When. Watch for acquisitions of smaller projects. That’s the tells.
-
How many US government agencies actually implement Anthropic’s Mythos recommendations. This is almost impossible to track, but if you see policy movement around AI testing or regulatory sandboxes that smells like it came from a Claude briefing, you’re watching the government outsource its own AI strategy.
The security infrastructure is failing. The venture capital is detached from reality. And the people building the most important technology in the world are getting briefings with government officials while suing them.
This is going to end in a way that surprises everyone, and not the good kind of surprise.